1 to 25 of 296 Incident Response Jobs in the UK excluding London

Senior Incident Response Analyst When registering to this job board you will be redirected to the online application form. Please ensure that this is completed in full in order that your application can be reviewed. Come and join the Littlefish team! Work location: Remote Salary … would love to hear from you. The role and what youll be getting up to on a day to day basis: As a Senior Incident Response Analyst at Littlefish, youll be at the heart of our Cyber Security Operations Centre (CSOC), working alongside a passionate and skilled team. ...

that makes us truly one team. Who are we looking for? Due to continued growth, Bridewell's CSIRT is seeking a capable and motivated Incident Response Consultant to support and deliver consultancy services to our Critical National Infrastructure (CNI) clients. This role is ideal for professionals with foundational … experience in cyber security and incident response, looking to deepen their expertise and take ownership of client-facing engagements while continuing to develop under the guidance of senior consultants. Requirements You will contribute to strengthening clients' response capabilities through preparation activities, documentation development, and cyber incident ...

Principal Cyber Security Incident Response Analyst £60,000 - £70,000 Full Time/Permanent West Midlands/Hybrid (1-2 days a month in the office ideally) The Role I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join … large nationally recognised brand head quartered in the West Midlands. As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront ...

Level 3 Analyst North West/Hybrid CrowdStrike | LogScale SIEM | Incident Response | Threat Hunting The Company A rapidly growing UK-based cyber security provider is expanding its Security Operations Centre following continued demand for advanced MDR, SOC, and Incident Response services. The organisation operates a modern … edge EDR, identity protection, SIEM and automation tooling, with a strong focus on engineering a highly effective, cloud-native SOC environment. CrowdStrike | LogScale SIEM | Incident Response | Threat Hunting The Role This permanent position is ideal for an experienced SOC Level 3 Analyst looking to lead advanced detection engineering ...

Stevenage The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)— including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics … provides the option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more. The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation ...

Stevenage The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics … option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more . The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including ...

Bolton The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics … option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more . The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including ...

team activities in critical industrial environments? Do you want a role that mixes penetration testing, threat emulation and resilience validation with security architecture and incident response? Would you like to help major UK operators strengthen their cyber resilience across energy, water, renewables and manufacturing? What … professional membership fees covered What will you be doing? Delivering OT-focused red team activities with specialist partners, including penetration testing, adversary simulation and incident response exercises Planning and executing security assessments and incident response exercises in OT/ICS environments Developing and implementing attack scenarios ...

team activities in critical industrial environments? Do you want a role that mixes penetration testing, threat emulation and resilience validation with security architecture and incident response? Would you like to help major UK operators strengthen their cyber resilience across energy, water, renewables and manufacturing? What … professional membership fees covered What will you be doing? Delivering OT-focused red team activities with specialist partners, including penetration testing, adversary simulation and incident response exercises Planning and executing security assessments and incident response exercises in OT/ICS environments Developing and implementing attack scenarios ...

team activities in critical industrial environments Do you want a role that mixes penetration testing, threat emulation and resilience validation with security architecture and incident response Would you like to help major UK operators strengthen their cyber resilience across energy, water, renewables and manufacturing What … with professional membership fees coveredWhat will you be doing?•Delivering OT-focused red team activities with specialist partners, including penetration testing, adversary simulation and incident response exercises•Planning and executing security assessments and incident response exercises in OT/ICS environments•Developing and implementing attack scenarios ...

proactive and skilled Level 2 SOC Analyst to support their growing client base. This role is ideal for someone with hands-on SOC or incident response experience who enjoys analysing complex security events and helping strengthen defensive operations. As a Level 2 SOC Analyst, you will … ownership of advanced investigations and contributing to continuous improvement of our security monitoring services. You'll work across a variety of customer environments, supporting incident response, enhancing detection logic, and ensuring threats are identified and contained quickly. This position includes participation in an on-call rotation for high ...

security strategy and play a critical role in shaping client security roadmaps. This position focuses on strategic leadership, proactive risk management, and ensuring robust incident response processes. You will act as a trusted advisor to clients and internal teams, driving security initiatives that align with business objectives … regulatory requirements. Responsibilities: Develop and maintain client cyber security roadmaps to ensure long-term resilience and compliance. Coordinate and oversee incident response efforts, ensuring timely containment and remediation of threats. Liaise with clients and stakeholders to communicate risks, strategies, and progress effectively. Prioritise remediation efforts based on risk ...

primary escalation point for complex IT and cybersecurity incidents. Manage and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document … infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams ...

Lead Cybersecurity Incident Responder - IR, Cyber, Salary: Competitive, based on experience + benefitsLocation: London/Hybrid (some travel European travel) About the Organisation This forward-thinking cybersecurity intelligence organisation is recognised as a European leader, partnering with some of the most prominent brands to anticipate, prevent, and respond … grow, innovate, and make a real impact.Who We're Looking For We are seeking a highly experienced cybersecurity professional with a strong background in incident response and advanced security operations. Essential experience and skills: * Extensive hands-on experience in Incident Response (IR), SOC, MSSP, CSIRT ...

will support information security and risk activities within Operational Security Management. Our Security Operations Center (SOC) is the frontline of defense, responsible for incident response, initial triage, and proactive threat hunting. You will work closely with the Cyber Security Incident Response Team (CSIRT) and business units … work as part of a rotation. Where weekend work is done days off during the week will be provided. What you will deliver: Perform incident detection and response within the SOC, including analysis and escalation of security alerts. Investigate security incidents and ensure accurate documentation in SIEM ...

Secure your future with our defined contribution pension scheme, featuring matched contributions up to 10% from the company. The Role As a Cyber Insurance Incident Manager at Willis, you will serve as an advisor and support lead for internal colleagues and clients facing cyber incidents. This role requires strong … communication skills to support clients through high-stress events such as ransomware attacks, data breaches, and business email compromises. You will help ensure rapid response, align incident actions with insurance policy terms, and manage relationships with insurers, legal counsel, and technical vendors to protect client interests and minimize ...

networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain detection rules, use cases, threat-intelligence processes, and incident response playbooks. Automate detection and response workflows, using scripting tools (e.g. Python, PowerShell). Perform threat-hunting, log-analysis (including firewall … hours coverage if needed. What we're looking for Solid experience, ideally 3+ years working in a SOC or security operations/incident-response role. Strong working knowledge of Microsoft security stack (e.g. Sentinel, Defender) and hands-on experience with SIEM tooling, alerts triage, detection logic, and security ...

practices and implementing controls for Cloud Security and governance. Implementation of automated security tooling to validate security requirements and identify potential issues. Threat Detection & Incident Response Define threat detection and incident response processes and playbooks for cloud environments. Collaborate with the SOC to operationalise detection rules … incident handling. Compliance & Audit Support GRC in meeting evidence and compliance requirements for ISO27001, NCSC Cloud Security Principles, and SOC2. Reviewing the outputs from security tools and security practices. You will filter and prioritise these into security stories that can be understood and actioned by the delivery teams. Collaboration ...

Role: Agentic AI for Security & Sentinel Advanced Capabilities Lead the adoption and integration of Agentic AI for Security to enable autonomous threat detection, adaptive response, and continuous security posture improvement. Architect and optimise Microsoft Sentinel for SIEM, UEBA, and threat intelligence integration, leveraging Microsoft Sentinel Model Context Protocol … advanced context-aware analytics and automation. Develop and maintain security analytics and data pipelines within Sentinel Data Lake to support large-scale threat detection, incident response, and threat hunting, while optimizing cost and enabling Agentic AI-driven security operations. Integrate and automate security workflows using Microsoft Sentinel Graph ...

getting organised ahead of their anticipated growth. We’re focused on finding them a Security Operations (SecOps) Manager to enhance their cybersecurity, oversee incident response and ensure the protection of critical systems and data. This position also includes line management of two team members who support IT operations … week, 3 days from home. Key Responsibilities Monitor and analyse alerts from SIEM, EDR, firewalls, and other security platforms Lead and coordinate incident response activities Manage security projects including DPIAs, supplier assurance, penetration testing, and remediation Support evaluation and implementation of emerging technology, including AI security tools Conduct ...

getting organised ahead of their anticipated growth. We’re focused on finding them a Security Operations (SecOps) Manager to enhance their cybersecurity, oversee incident response and ensure the protection of critical systems and data. This position also includes line management of two team members who support IT operations … week, 3 days from home. Key Responsibilities Monitor and analyse alerts from SIEM, EDR, firewalls, and other security platforms Lead and coordinate incident response activities Manage security projects including DPIAs, supplier assurance, penetration testing, and remediation Support evaluation and implementation of emerging technology, including AI security tools Conduct ...

applying zero trust principles, industry frameworks, and technical expertise across cloud, networks, and operating systems, you will develop security roadmaps, remediation plans, and incident response strategies that align with business needs. This role offers the opportunity to work directly with IT and business leaders to design secure infrastructures … infrastructure architectures for hybrid cloud environments. Apply zero trust principles to strengthen infrastructure security strategies and programs. Lead the development of remediation plans, incident response procedures, and security roadmaps tailored to client business needs. Provide consulting services to analyze and resolve infrastructure-related security incidents. Perform risk assessments ...

assessments, identify vulnerabilities, and implement mitigation strategies that protect our infrastructure and digital assets. Oversee Security Operations: Lead daily security operations, including monitoring and incident response, ensuring our defences stay robust. Ensure Compliance: Work with our risk and compliance team to ensure compliance with regulations such as GDPR … certifications like ISO 27001. Promote Security Awareness: Foster a security-conscious culture through employee training, keeping the whole organisation alert to security risks. Incident Response: Manage and lead the resolution of security incidents, containing threats and ensuring our recovery is swift and effective. What You'll Bring Experience ...

Cyber IT Operations Lead, you will take ownership of operational cybersecurity, policies, and risk management. You will define and maintain security standards, oversee incident response, and ensure compliance with frameworks such as ISO27001, Cyber Essentials, CIS, NIST, and GDPR. A key part of this role involves leading … with customers and partners, and support accreditation and audit processes. Cyber IT Operations Lead Essential Skills: Strong experience across IT operations and cybersecurity, including incident response, risk management, and policy creation Working knowledge of security frameworks such as ISO27001, CIS, NIST, GDPR, and Cyber Essentials Cybersecurity certifications such ...

Engineer to help strengthen their defences and improve their security posture.This role is ideal for someone who wants to develop their skill set across incident response, cloud security, vulnerability management and cyber awareness. You’ll be joining a supportive team where learning is encouraged, ongoing development is resourced … backed (including SSCP, ITIL and cloud accreditations).This goes beyond routine monitoring — you’ll play a key part in enhancing security resilience, improving threat response processes, and helping embed a security-first mindset across the business. Please note: Due to the nature of the work, security vetting will ...